From 738f6d4adf4b472113124dd907de83e81f4266e9 Mon Sep 17 00:00:00 2001
From: Asad Malik <asadmal@amazon.com>
Date: Thu, 14 May 2026 11:24:58 -0500
Subject: [PATCH 1/2] Add two workflows; one to automate release, the second to
 retry failed dependabot pr creation

---
 .github/workflows/auto-security-release.yml | 24 +++++++++++++++++++++
 .github/workflows/dependabot-retry.yml      | 17 +++++++++++++++
 2 files changed, 41 insertions(+)
 create mode 100644 .github/workflows/auto-security-release.yml
 create mode 100644 .github/workflows/dependabot-retry.yml

diff --git a/.github/workflows/auto-security-release.yml b/.github/workflows/auto-security-release.yml
new file mode 100644
index 0000000..3f9ffa0
--- /dev/null
+++ b/.github/workflows/auto-security-release.yml
@@ -0,0 +1,24 @@
+name: Auto Security Release
+permissions:
+  contents: write
+  pull-requests: write
+on:
+  schedule:
+    - cron: "0 19 * * 1" # Every Monday at 2pm UTC-5 (7pm UTC)
+  workflow_dispatch:
+    inputs:
+      force:
+        description: "Force release even with non-dependabot commits"
+        type: boolean
+        default: false
+jobs:
+  run:
+    permissions:
+      contents: write
+      pull-requests: write
+    uses: aws-geospatial/github-workflows-for-amazon-location/.github/workflows/auto-security-release.yml@main
+    with:
+      force: ${{ inputs.force || false }}
+    secrets:
+      APP_ID: ${{ secrets.AUTO_RELEASE_BOT_APP_ID }}
+      APP_PRIVATE_KEY: ${{ secrets.AUTO_RELEASE_BOT_PRIVATE_KEY }}
diff --git a/.github/workflows/dependabot-retry.yml b/.github/workflows/dependabot-retry.yml
new file mode 100644
index 0000000..75e5521
--- /dev/null
+++ b/.github/workflows/dependabot-retry.yml
@@ -0,0 +1,17 @@
+name: Dependabot Auto Retry
+permissions:
+  security-events: write
+  pull-requests: read
+on:
+  schedule:
+    - cron: "0 9 * * *"
+  workflow_dispatch:
+jobs:
+  run:
+    permissions:
+      security-events: write
+      pull-requests: read
+    uses: aws-geospatial/github-workflows-for-amazon-location/.github/workflows/dependabot-retry.yml@main
+    secrets:
+      APP_ID: ${{ secrets.AUTO_RELEASE_BOT_APP_ID }}
+      APP_PRIVATE_KEY: ${{ secrets.AUTO_RELEASE_BOT_PRIVATE_KEY }}

From 57bdb9703338a2a5cc2596c3d1c033a5e832de69 Mon Sep 17 00:00:00 2001
From: Asad Malik <asadmal@amazon.com>
Date: Thu, 14 May 2026 15:10:19 -0500
Subject: [PATCH 2/2] Add auto-security-release and dependabot-retry workflows

---
 .../workflows/auto-security-release-js.yml    | 26 +++++++++++++++++++
 .../auto-security-release-kotlin.yml          | 26 +++++++++++++++++++
 ...se.yml => auto-security-release-swift.yml} |  4 ++-
 3 files changed, 55 insertions(+), 1 deletion(-)
 create mode 100644 .github/workflows/auto-security-release-js.yml
 create mode 100644 .github/workflows/auto-security-release-kotlin.yml
 rename .github/workflows/{auto-security-release.yml => auto-security-release-swift.yml} (88%)

diff --git a/.github/workflows/auto-security-release-js.yml b/.github/workflows/auto-security-release-js.yml
new file mode 100644
index 0000000..3985652
--- /dev/null
+++ b/.github/workflows/auto-security-release-js.yml
@@ -0,0 +1,26 @@
+name: Auto Security Release (JavaScript)
+permissions:
+  contents: write
+  pull-requests: write
+on:
+  schedule:
+    - cron: "0 19 * * 1" # Every Monday at 2pm UTC-5 (7pm UTC)
+  workflow_dispatch:
+    inputs:
+      force:
+        description: "Force release even with non-dependabot commits"
+        type: boolean
+        default: false
+jobs:
+  run:
+    permissions:
+      contents: write
+      pull-requests: write
+    uses: aws-geospatial/github-workflows-for-amazon-location/.github/workflows/auto-security-release.yml@main
+    with:
+      working-directory: javascript
+      tag-prefix: "js-v"
+      force: ${{ inputs.force || false }}
+    secrets:
+      APP_ID: ${{ secrets.AUTO_RELEASE_BOT_APP_ID }}
+      APP_PRIVATE_KEY: ${{ secrets.AUTO_RELEASE_BOT_PRIVATE_KEY }}
diff --git a/.github/workflows/auto-security-release-kotlin.yml b/.github/workflows/auto-security-release-kotlin.yml
new file mode 100644
index 0000000..f241f79
--- /dev/null
+++ b/.github/workflows/auto-security-release-kotlin.yml
@@ -0,0 +1,26 @@
+name: Auto Security Release (Kotlin)
+permissions:
+  contents: write
+  pull-requests: write
+on:
+  schedule:
+    - cron: "0 19 * * 1" # Every Monday at 2pm UTC-5 (7pm UTC)
+  workflow_dispatch:
+    inputs:
+      force:
+        description: "Force release even with non-dependabot commits"
+        type: boolean
+        default: false
+jobs:
+  run:
+    permissions:
+      contents: write
+      pull-requests: write
+    uses: aws-geospatial/github-workflows-for-amazon-location/.github/workflows/auto-security-release.yml@main
+    with:
+      working-directory: kotlin
+      tag-prefix: "kotlin-v"
+      force: ${{ inputs.force || false }}
+    secrets:
+      APP_ID: ${{ secrets.AUTO_RELEASE_BOT_APP_ID }}
+      APP_PRIVATE_KEY: ${{ secrets.AUTO_RELEASE_BOT_PRIVATE_KEY }}
diff --git a/.github/workflows/auto-security-release.yml b/.github/workflows/auto-security-release-swift.yml
similarity index 88%
rename from .github/workflows/auto-security-release.yml
rename to .github/workflows/auto-security-release-swift.yml
index 3f9ffa0..79740e7 100644
--- a/.github/workflows/auto-security-release.yml
+++ b/.github/workflows/auto-security-release-swift.yml
@@ -1,4 +1,4 @@
-name: Auto Security Release
+name: Auto Security Release (Swift)
 permissions:
   contents: write
   pull-requests: write
@@ -18,6 +18,8 @@ jobs:
       pull-requests: write
     uses: aws-geospatial/github-workflows-for-amazon-location/.github/workflows/auto-security-release.yml@main
     with:
+      working-directory: swift
+      tag-prefix: ""
       force: ${{ inputs.force || false }}
     secrets:
       APP_ID: ${{ secrets.AUTO_RELEASE_BOT_APP_ID }}